2 3 4 5 6 Next >
Category: Auditing » Passwords
Katana: Portable Multi-Boot Security Suite
Katana v1 (Kyuzo) has just been released from www.hackfromacave.com . The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security tools, you can keep them all conveniently in your pocket. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with over 100 portable Windows applications, such as Wireshark, HiJackThis, Unstoppable Copier, Firefox, and OllyDBG. It also includes the following distributions: - Backtrack 4 pre - the Ultimate Boot CD - Ophcrack Live - Damn Small Linux - the Ultimate Boot CD for Windows - Got Root? Slax - Organizational Systems Wireless Auditor (OSWA) Assistant - Damn Vulnerable Linux Katana is also highly customizable. You can modify Katana by adding or removing distributions and portable apps with ease. You can add functionality to distributions like the Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your personal scripts and documents to keep them conveniently with you on your flash drive to use in concert with the provided tools. More informations on this can be found at forum.hackfromacave.com
CUPP is a Common User Passwords Profiler. The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values. A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password. That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.
modular open source platform for network security tools. Multi-platform GUI. Tools included: TCP/UDP network information gathering, fingerprinting, service detection, DNS tools, zone transfer, passive information gathering, modular sniffing engine, credential sniffing, geographical information,web crawler.
This tool provides a simple way to crack Microsoft Windows NT Hash (MD4) when the LM Password is known. It is entirely written in perl, so its easily ported and installed. This program must be used with the password cracker "John the Ripper" http://www.openwall.com/john/ * Example : [yann@xmcopartners:~/lm2ntcrack]$ time perl lm2ntcrack.pl -v -l="AZERTY123$" -n="81CD1A1C4CBCE05C0F8D411ACEC7587F" ############################################################################ # NT Password cracker from LM password # Version : 0.5a - Oct 2008 # By Yannick HAMON
Many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs are often on default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. And unfortunately it is also common for the username and password to have the default values. Sipflanker will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI.
Windows Live Password Recovery
Windows Live Password Recovery is the tool that will instantly find, decrypt & recover Windows Live passwords that were saved by Windows Live Messenger on your PC under the current login. This decoder will recover multiple accounts and supports all known versions of Windows Live Messenger including Messenger Beta, MSN Messenger and Windows Messenger. This cracker works when the "Remember My Password" checkbox is ticked in Windows Live Messenger. Even is you have un-installed Windows Live Messenger there is still a chance that your password is saved on your PC.
ZippyLock is a free and extremely easy to use password management utility. Your password entries are kept in a 'private file' and nowhere else. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). When you run ZippyLock for the first time, it prompts you to create a new private file, and asks you to specify a MASTER PASSWORD. Later you will be prompted to save your private file. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Note that your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. Everything is stored in your private file that you control and nowhere else. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical.
Scuba by Imperva
Scuba by Imperva is a free, lightweight Java tool that scans Oracle, DB2, MS-SQL, and Sybase databases for hundreds of software vulnerabilities. It also detects configuration flaws like insecure passwords, unsafe processes, unrestricted permission levels, and more. Furthermore, it generates HTML and Java reports that show overall security risk level and detailed information about each vulnerability so you can pinpoint configuration risks within minutes. Scuba by Imperva detects hundreds of database vulnerabilities and configuration issues. And better yet it helps you meet industry-leading best practices standards for database configuration and management.
md5tables is a shell script that references a wordlist of md5 hashes and words for password auditing. It can crack MD5 hashes from a wordlist of hashes/words in mere seconds.
MSN Password Recovery
MSN Messenger Password Recovery is the MSN password finder that instantly cracks and decrypts the MSN Messenger and Windows Messenger passwords stored on your computer. New version adds support for latest Windows Live Messeger (version 8).
Browse by category